<?php
   $username=trim($_GET['username']);
   $password=md5($_GET['password']);
   //连接mysql
	

    $db=new PDO("mysql:host=localhost;dbname=shenji","root","");
    $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
    $db->exec("set names utf8");
   //if($username&&$password){
	
	$sql="select * from user where binary username=? and password=?";
	$result=$db->prepare($sql);
	$exerec=$result->execute(array($username,$password));

	if($exerec){
		$row=$result->fetch(PDO::FETCH_ASSOC);
		session_start();
		$status=$row['status'];
		$id=$row['id'];
		$_SESSION['username']=$username;		
		$_SESSION['status']=$status;
		$_SESSION['id']=$id;
		
		if(isset($status)){
			if($status==0){
				echo "<script>location='main2.php';</script>";
			}else{
				echo "<script>location='main.php';</script>";
			} 
		}else{
			echo "<script>alert('用户名或密码错误，请重新登录');</script>";
			echo "<script>location='login.php';</script>";
		}
	}else{
		echo "<script>alert('用户名或密码错误，请重新登录');</script>";
		echo "<script>location='login.php';</script>";
    }
	$db=null;

?>
